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DETAILED ACTION 
Claim Objections 
Claims 1-16 are objected to because of the following informalities: 

1. Claims 1, 8 and 10, in line 1. recite: "characterised by". Comprising, 
consisting or including should replace this statement. 

2. Claims 2 and 9, in line 1 , recite: "can include" and "can include any of, 
respectively, "include at least one of should replace these statements. 

3. Claim 2 in line 2, recite: "can be". This statement should be replaced by 

are . 

4. Every claim should be ended by a period, 

5. Every limitation in the claims, except the last one should be ended by a 
semicolon, ";". 

6. An "and" should be added after the semicolon to the end of limitation 
before the last limitation. 

For example, the first claim may be written as follows: 

1 . A method for securing a computer systerh, comprising: 

a) Augmented selected memory items by Memory Item Headers 
(MIH); 

b) Replacing traditional memory to the selected memory items by 
Pointers to Intermediary Pointer Objects (PIPOs); and 

c) Validating references made to the memory items through the 
PIPOs at run-time. 
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Appropriate correction is required. 

Claims 3 and 16 are objected to under 37 CFR 1.75(c) as being in improper 
form because a multiple dependent claim should refer to other claims in the alternative 
only, or, and cannot depend from any other multiple dependent claim. See MPEP 
§ 608.01 (n). Accordingly, the claim has not been further treated on the merits. 

A series of singular dependent claims is permissible in which a dependent claim 
refers to a preceding claim which, in turn, refers to another preceding claim. 

A claim which depends from a dependent claim should not be separated by any 
claim which does not also depend from said dependent claim. It'should be kept in mind 
that a dependent claim may refer to any preceding independent claim. In general, 
applicant's sequence will not be changed. See MPEP § 608.01 (n). 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claim 15 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
in that it fails to point out what is included or excluded by the claim language. This claim 
is an omnibus type claim. 



Application/Control Number: 10/717,444 Page 4 

Art Unit: 2132 

Claim 16 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

This claim is indefinite because applicant neither discloses nor suggests any 
embodiment or descriptions in the specification that one of ordinary skill in the art would 
reasonably interpret the apparatus for performing the recited methods of the previous 
claims would require any hardware components. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claim 11 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to a non-statutory subject matter. 

This claim is directed to software per se, which is non-patentable material. Thus, 
the claimed invention in this claim does not fulfill the requirements of 35 U.S.C. 101 and 
is non-statutory. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-16 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Yarom (5,949,973). 

Regarding claims 1,15 and 16, Yarom discoses: 

A method for securing a computer system, characterised by: 

a) Augmented selected memory items by Memory Item Headers (MIH) (e.g., col. 4, lines 
60-65, where modifying the memory content corresponds to the recited augmenting 
selected memory items) 

b) Replacing traditional pointers to the selected memory items by Pointers to 
Intermediary Pointer Objects (PIPOs) (e.g., col. 4, lines 51-65 and col. 5, lines 1-12, 
where modifying the stack pointer corresponds to the recited replacing traditional 
pointers) 

c) Validating references made to the memory items through the PIPOs at run-time (e.g., 
col. 3, lines 60-63, col. 5, lines 32-36, col. 7, lines 45-46 and col. 8, lines 32-40, where 
blocking an attacker to access a memory location or an vulnerable program 
corresponds to the recited validating references made to the memory items because a 
legitimate username is checked). 

Regarding claim 2, Yarom discoses: 

A method in accordance with claim 1, wherein said selected memory items can include 
functions, arrays, objects, fundamentals and other program constructs that can be 
referenced through a traditional pointer (e.g., col. 4, lines 30-35). 
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Regarding claim 3, Yarom discoses: 

A method in accordance with claims 1 and 2, wherein the Memory Item Headers (MIH) 
include information about the original memory item; said information to include at least 
the length of the original memory item or a biased version thereof and optionally 
additional information including: a) Type information b) Access rights c) Reference 
counts d) Object Ids (e.g., col. 4, lines 50-65). 

Regarding claim 4, Yarom discoses: 

A method in accordance with any of the previous claims, wherein the Pointers to 
Intermediary Pointer Objects hold a reference to a newly disclosed Intermediary Pointer 
Object (IPO); said Intermediary Pointer Object having at least two parts: a) A reference 
to a memory item's header (MIH) (e.g., col. 5, lines 1-12) b) An offset to a location in the 
memory item (e.g., col. 5, lines 27-36). 
Regarding claim 5, Yarom discoses: 

A method according to claim 4 wherein said offset is with regard to the start of the 
original memory item or the start of its MIH (e.g., col. 5, lines 37-41). 

Regarding claim 6, Yarom discoses: 

A method according to any of the previous claims wherein said Pointers to Intermediary 
Pointer Objects assume an IPO offset of zero and reference a MIH directly (e.g., col. , 
lines). 



Application/Control Number: 10/717,444 
Art Unit: 2132 



Page 7 



Regarding claim 7, Yarom discoses: 

A method according to any of the previous claims wherein said references have the 
same form as traditional pointers (e.g., col. 9, lines 15-21). 

Regarding claim 8, Yarom discoses: 

A method according to any of the previous claims wherein said validating is 
characterised by checking that attempts to reference a memory item through a PlPO 
are consistent with the information held in the corresponding MIH and IPO (e.g., col. 7, 
lines 55-61). 

Regarding claim 9, Yarom discoses: 

A method according to claim 8 wherein said consistency checking can include any of: 
a) Bounds checking b) Type checking c) Access checking d) Reference count checking 
(e.g., col. 6, lines 31-43). 

Regarding claim 10, Yarom discoses: 

A method according to claim 9 wherein said bounds checking is further characterised by 
lower and upper bounds checking that may be applied together or independently (e.g., 
col. 2, lines 1-14 and col. 8, lines 63...). 

Regarding claim 11, Yarom discoses: 
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A method according to any of the previous claims wherein said validating is performed 
by instrumentation implemented in either: a) Software or b) Hardware (e.g., col. 3, lines 
45-55). 

Regarding claim 12, Yarom discoses: 

A method according to claim 11 wherein, said hardware instrumentation is implemented 
in the CPU of a computer system as new instructions or in modifications to the 
microcode for existing instructions (e.g., col. 1 , lines 49-56). 

Regarding claim 13, Yarom discoses: 

A method in accordance with any of the previous claims wherein run-time PIPOs are 
distinguished from traditional pointers by: registers reserved for PIPOs, memory areas 
reserved for IPOs, tags, maps, new CPU instructions or new address modes (e.g., col. 
4, lines 50-65 and col. 9, lines 22-40). 

Regarding claim 14, Yarom discoses: 

A method according to any of the previous claims implemented as modifications to a 
compilation process, run-time libraries, functions, in-line macros, system calls, source 
translation or other means (e.g., col. 4, lines 40-44). 
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Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

US 4922414 A to Holloway; John T. et al. 
US 20030014667 Al to Kolichtchak, Andrei. 
US 6467083 B1 to Yamashita; Fumiaki. 
US 5206933 A to Farrell; Joseph K. et al. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can normally be reached on M-T 8-6. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-dlrect.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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